Windows 10 Need to migrate MBR Win10Pro C drive HDD contents or my Macrium Reflect backups of it to new on-the-motherboard NVMe SSD device set to UEFI GPT

@ChatGPT

What exactly is "concatenate and extract"? I interpreted that to mean take the folder I had extracted from the Samsung exe (which only contains the 0 and the u0 through 040 stuff), and tell 7zip to make a new zip file of all that, then tell 7zip to open THAT, but all it sees with the new zip are the same 0 and u0 through u40 stuff, its not trying to extract anything from them. What command exactly should I be using to "concatenate" the u0 through u40 stuff?

Good question — “concatenate” here means join the numbered fragments (u0, u1, … u40) end‑to‑end in the correct order to produce one single binary file (combined.bin). That combined file often contains the installer payload (MSI/CAB/driver files) and 7‑Zip (or lessmsi, Universal Extractor) can then open/extract it.
Do this on a Windows PC where the fragment files live. I’ll give two safe methods: PowerShell (recommended) and the old cmd copy /b approach. Then show the 7‑Zip command to try extracting the combined file.
Step 0 — prepare

• Put all the fragment files (u0 u1 … u40 and the file named 0) into one folder, e.g. C:\Temp\SamsungFrag\
• Run the commands from that folder (open an elevated Command Prompt or PowerShell).

Method A — PowerShell (recommended, keeps correct order)
Open an elevated PowerShell, change to that folder and run:
cd C:\Temp\SamsungFrag

create concatenated file in Temp​

$out = 'C:\Temp\combined.bin'
Remove-Item $out -ErrorAction Ignore
Get-ChildItem -File -Filter 'u*' | Sort-Object Name | ForEach-Object {
$in = [System.IO.File]::OpenRead($_.FullName)
$outstream = [System.IO.File]::Open($out, [System.IO.FileMode]::OpenOrCreate, [System.IO.FileAccess]::Write)
$outstream.Seek(0, 'End') | Out-Null
$in.CopyTo($outstream)
$in.Close
$outstream.Close
}

optionally append file named "0" at start or end if needed:​

if (Test-Path .\0) {

if '0' should be first:​

$tmp='C:\Temp\tmp.bin'; Remove-Item $tmp -ErrorAction Ignore
Copy-Item .\0 $tmp
Get-ChildItem -File -Filter 'u*' | Sort-Object Name | ForEach-Object { Get-Content -Encoding Byte $_.FullName -ReadCount 0 | Add-Content -Encoding Byte $tmp }
Move-Item -Force $tmp $out
}
Notes:

• The script concatenates u* files in name sort order (u0, u1, u2, ... u40). If some fragments are named u00, u01, etc., PowerShell sort still works.
• If the file named "0" must go before the u* fragments, the optional block above prepends it. If it must go at the end, you can append instead.

Method B — Windows cmd (copy /b) — only if fragments have simple numeric names and order is correct:
Open an elevated CMD in that folder and run:
copy /b u0 + u1 + u2 + u3 + u4 + u5 + u6 + u7 + u8 + u9 + u10 + u11 + u12 + u13 + u14 + u15 + u16 + u17 + u18 + u19 + u20 + u21 + u22 + u23 + u24 + u25 + u26 + u27 + u28 + u29 + u30 + u31 + u32 + u33 + u34 + u35 + u36 + u37 + u38 + u39 + u40 combined.bin
If there is a file named "0" that needs to be included, either put it first in the list or append as needed.
Step 2 — try to extract the combined file with 7‑Zip
If you have 7z.exe installed, run (adjust path):
"C:\Program Files\7-Zip\7z.exe" x C:\Temp\combined.bin -oC:\Temp\SamsungDriver
Or from PowerShell:
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\combined.bin' '-oC:\Temp\SamsungDriver'

• If extraction works, C:\Temp\SamsungDriver should contain .inf/.sys (or an .msi or .cab). If it extracts an .msi, extract that MSI with 7‑Zip too:
  "C:\Program Files\7-Zip\7z.exe" x C:\Temp\SamsungDriver\installer.msi -oC:\Temp\SamsungDriverMSI

Step 3 — if 7‑Zip fails to see an archive inside the combined file

• Try lessmsi (for MSI), or Universal Extractor on combined.bin or any MSI you found.
• Try strings to see plain text in the combined file (to see if there’s an MSI/cab signature):
  powershell -command "Select-String -Pattern 'MSI|PK' -Path C:\Temp\combined.bin -SimpleMatch -AllMatches"
  (not perfect; just a quick check for recognizable headers like "MSI" or PK.. which indicates a ZIP/CAB)

If concatenation+7z still yields nothing useful, it means the fragments aren’t a simple split archive (they might be encrypted/enclosed in a custom SFX that refuses to unpack without the device). In that case the fallback is Option D from previous messages: install the package on a machine that actually has a Samsung NVMe or temporarily attach the 980 PRO to a working Windows machine so the installer runs, then Export‑WindowsDriver to capture the INF/SYS files.
Quick troubleshooting checklist

• Make sure you are concatenating in the correct numeric order (u0 → u1 → u2 .... If the fragments have leading zeros (u00, u01) PowerShell sorting will still order them numerically by name.
• Don’t ZIP the fragments before concatenation — concatenation is binary join, not zipping them into an archive. 7‑Zip needs the single combined file to contain the embedded archive (MSI/CAB).
• If you hit memory errors with Universal Extractor, do the concat + 7‑Zip approach — it’s low memory and simple.

If you want, I’ll provide the one‑line PowerShell concatenation again for your actual folder path and then the exact 7z command to run. Paste here:

• the full path to the folder that contains 0 and u0..u40, and
• confirm whether the file “0” should go before the u fragments or after it (if you don’t know, try leaving it out initially — concat u and try extraction; if that fails try prepending “0”).
  I’ll give the exact command to run and then the exact 7‑Zip command to extract.

@ChatGPT

when I invoke:
copy /b u0 + u1 + u2 + u3 + u4 + u5 + u6 + u7 + u8 + u9 + u10 + u11 + u12 + u13 + u14 + u15 + u16 + u17 + u18 + u19 + u20 + u21 + u22 + u23 + u24 + u25 + u26 + u27 + u28 + u29 + u30 + u31 + u32 + u33 + u34 + u35 + u36 + u37 + u38 + u39 + u40 combined.bin

I get the following error:

Copy-Item : A positional parameter cannot be found that accepts argument '+'.
At line:1 char:1
+ copy /b u0 + u1 + u2 + u3 + u4 + u5 + u6 + u7 + u8 + u9 + u10 + u11 + ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: ) [Copy-Item], ParameterBindingException
+ FullyQualifiedErrorId : PositionalParameterNotFound,Microsoft.PowerShell.Commands.CopyItemCommand

You ran the CMD-style copy command inside PowerShell — PowerShell interprets the plus signs as parameters, so you got that error. Two working ways to concatenate the fragments into a single binary file:
A — CMD method (simple). Run this in an elevated Command Prompt (not PowerShell) from the folder that contains u0..u40:

1. Open Start → type cmd → right‑click → Run as administrator.
2. Change to the folder containing the fragments, e.g.:
   cd /d "C:\Path\To\Fragments"
3. Run the copy command (all on one line). If you have u0 through u40 exactly named:
   copy /b u0 + u1 + u2 + u3 + u4 + u5 + u6 + u7 + u8 + u9 + u10 + u11 + u12 + u13 + u14 + u15 + u16 + u17 + u18 + u19 + u20 + u21 + u22 + u23 + u24 + u25 + u26 + u27 + u28 + u29 + u30 + u31 + u32 + u33 + u34 + u35 + u36 + u37 + u38 + u39 + u40 combined.bin
4. When it finishes, you’ll have combined.bin in that folder.

If you also have the file named 0 and you suspect it should be part of the stream, either prepend it:
copy /b 0 + u0 + u1 + ... + u40 combined.bin
or append it:
copy /b u0 + u1 + ... + u40 + 0 combined.bin
B — PowerShell method (recommended if you prefer PowerShell). Run this in an elevated PowerShell with the working folder as the current directory (replace paths as needed). It concatenates all files beginning with "u" in name order into C:\Temp\combined.bin:
mkdir C:\Temp -Force
Set-Location -Path "C:\Path\To\Fragments"
$out = 'C:\Temp\combined.bin'
if (Test-Path $out) { Remove-Item $out -Force }
Get-ChildItem -File -Filter 'u*' | Sort-Object Name | ForEach-Object {
$in = System.IO.File::OpenRead($_.FullName)
$outStream = System.IO.File::Open($out, [System.IO.FileMode]::OpenOrCreate, [System.IO.FileAccess]::Write)
$outStream.Seek(0, 'End') | Out-Null
$in.CopyTo($outStream)
$in.Close
$outStream.Close
}

If you need to include file "0" at the front:​

if (Test-Path '.\0') {
$tmp = 'C:\Temp\tmp.bin'; if (Test-Path $tmp) { Remove-Item $tmp -Force }
Copy-Item '.\0' $tmp
Get-ChildItem -File -Filter 'u*' | Sort-Object Name | ForEach-Object {
$b = System.IO.File::ReadAllBytes($_.FullName)
}
Move-Item -Force $tmp $out
}
Either way produces C:\Temp\combined.bin.
Next: try to extract the combined file with 7‑Zip

• If you have 7‑Zip installed, run (adjust path to 7z.exe if needed):
  "C:\Program Files\7-Zip\7z.exe" x "C:\Temp\combined.bin" -o"C:\Temp\SamsungDriver"
• If that extracts and you find .inf/.sys files or an .msi or .cab:
  • If you find an .msi: extract that too:
    "C:\Program Files\7-Zip\7z.exe" x "C:\Temp\SamsungDriver\whatever.msi" -o"C:\Temp\SamsungDriverMSI"
  • If you find the .inf/.sys set, copy that folder to your USB (e.g. X:\SamsungNVMeDriver) and follow the DISM injection steps we covered earlier.

If 7‑Zip says it can’t find archive headers in combined.bin (i.e. it’s not a standard archive), then the fragments are not a simple split archive and the installer probably encrypts or packages them needing the target device present. In that case your reliable options are:

• attach the 980 PRO temporarily to a working PC and run the Samsung EXE there (it will install and then you can Export‑WindowsDriver), or
• try to find an alternative official Samsung package or MSI for that driver (I can give a direct Samsung link for your region if you want), or
• use the concatenation method but try different placement of the file named "0" (prepend or append) and try extraction again.

If you want, I’ll:
1) give the exact one‑line PowerShell command already shown tailored to your folder path (paste the folder path), and then
2) give the 7‑Zip extraction command to run, and
3) if extraction fails, we move to the “attach the drive and install” plan.
Which do you want me to run/provide now — CMD copy or the PowerShell concatenation? Paste the full path to the folder where the u* files are and tell me whether you want to try including the file named "0" first or not.

@ChatGPT

Okay, with the files merged into a BIN file, what do I do with it? How do I extract that to folders?

Good — now that you have combined.bin, the next step is to extract whatever archive(s) or installer payload is embedded in it. There are several ways to do that; try them in order until one succeeds. I’ll give exact commands you can copy/paste and explain what each does.
Quick plan
1) Try 7‑Zip to list / extract (Windows).
2) If that fails, try lessmsi (if there’s an MSI inside).
3) If still nothing, use binwalk (Linux/WSL) to auto‑carve any embedded files (very reliable).
4) If you extract a .msi/.cab or a folder with .inf/.sys, copy that folder to your USB and we’ll inject with DISM (I’ll give those commands next).
A — Try 7‑Zip (Windows)
Open an elevated Command Prompt (not PowerShell) and run these from the folder that contains combined.bin, or use full paths.
1) List contents (quick check — shows if 7‑Zip sees an archive inside)
"C:\Program Files\7-Zip\7z.exe" l C:\Path\To\combined.bin
2) If the list shows an archive (MSI/CAB/ZIP), extract it:
"C:\Program Files\7-Zip\7z.exe" x C:\Path\To\combined.bin -oC:\Temp\SamsungDriver
3) If 7‑Zip extracted an .msi, extract that MSI too:
"C:\Program Files\7-Zip\7z.exe" x C:\Temp\SamsungDriver\whatever.msi -oC:\Temp\SamsungDriverMSI
Check C:\Temp\SamsungDriver (or your chosen output folder) for .inf/.sys. If found — great, copy that folder to your USB and let me know and we’ll inject it into the offline image.
If 7‑Zip prints “Can not open file as archive” or shows nothing useful, go to B.
B — Try lessmsi (if there’s an MSI)
lessmsi is a tool that can extract MSI files even when 7‑Zip can’t find them directly.
1) Download lessmsi (Windows) from A tool to view and extract the contents of an msi file - lessmsi and install or use portable.
2) Try to open combined.bin with lessmsi (File → Open) — lessmsi will try to detect MSI content.
3) If it opens, extract files to C:\Temp\SamsungDriverMSI and look for .inf/.sys.
If lessmsi finds nothing, go to C.
C — Use binwalk under WSL (recommended if A/B fail)
Binwalk is a tool that searches binary blobs for embedded files and extracts them. Using WSL (Windows Subsystem for Linux) is an easy way on Windows.
1) Install WSL (if not already) and a Linux distro (Ubuntu). From an elevated PowerShell:
wsl --install
2) Open the WSL shell (Ubuntu) and install binwalk and p7zip:
sudo apt update
sudo apt install binwalk p7zip-full
3) Copy combined.bin into a folder accessible to WSL (e.g., C:\Temp\combined.bin). In WSL, run:
cd /mnt/c/Temp
binwalk -e combined.bin
What binwalk does:

• It detects embedded file signatures (MSI, ZIP, CAB, PK, ELF, PE, etc. and extracts them into a folder named _combined.bin.extracted. Inspect that folder.

4) If binwalk extracts one or more files that are archives (e.g., installer.msi, payload.cab, something.zip), extract them with 7‑Zip either in WSL (p7zip) or back in Windows (7z). Example in WSL:
cd _combined.bin.extracted
7z x installer.msi -oextracted_msi
Check the extracted files for .inf and .sys. If found, copy them (or the whole extracted folder) to a USB drive and proceed to DISM injection on Hiren’s PE.
D — If binwalk is not available / you cannot use WSL
Use a file carver like foremost or scalpel in Linux to carve out PK (zip) or MSI signatures, but binwalk is simpler and usually works.
E — If you do extract the driver files (.inf/.sys)
Once you have a folder with .inf and .sys files, copy it to your USB (X:\SamsungNVMeDriver) and then on the rescue environment do:
1) Confirm volumes:
diskpart
list vol
exit
2) Inject driver into offline image (replace letters):
dism /Image:E:\ /Add-Driver /Driver:X:\SamsungNVMeDriver\ /Recurse
3) Ensure NVMe/storage drivers will load early:
reg load HKLM\TEMP_SYSTEM E:\Windows\System32\config\SYSTEM
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\nvme" /v Start /t REG_DWORD /d 0 /f
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\stornvme" /v Start /t REG_DWORD /d 0 /f
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\storport" /v Start /t REG_DWORD /d 0 /f
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\storahci" /v Start /t REG_DWORD /d 0 /f
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\msahci" /v Start /t REG_DWORD /d 0 /f
reg add "HKLM\TEMP_SYSTEM\ControlSet001\Services\iaStorV" /v Start /t REG_DWORD /d 0 /f
reg unload HKLM\TEMP_SYSTEM
4) Assign ESP letter and recreate UEFI boot files:
diskpart
select vol <ESPvol>
assign letter=S
exit
bcdboot E:\Windows /s S: /f UEFI
F — If none of the extraction methods yield usable INF/SYS

• The installer may be obfuscated and only unpackable when it detects the Samsung device. In that case the most reliable method is to attach the 980 PRO to a PC that has a Samsung NVMe present, run the installer there (it will install and place INF/SYS in the Windows driver store), then run:
  Export-WindowsDriver -Online -Destination X:\ExportedDrivers
• Use that exported folder for injection (DISM step above).

Which step do you want to try next?

• If you want me to produce the exact one‑line PowerShell concatenation and 7‑Zip extract using your exact folder paths, paste the full path to your combined.bin location and confirm whether you prefer to run commands in CMD or PowerShell.
• If you want to run binwalk in WSL and need help installing WSL/binwalk, say “Do WSL binwalk” and I’ll give the exact commands tailored to your system.

Tell me how you want to proceed and I’ll give the precise next command(s).

@ChatGPT

7-zip is telling me it cannot open the bin file as archive

That said, I can right-click select the 0 file, or certain of the u(number) files and select Open in 7-zip, and examine the content, but some other of the u(number) files, if I right-click and select 7-zip, they throw an error saying they can't extract it. This is tedious and frustrating. There SHOULD be a simple, easy-peasy way to just select it ALL and extract it.

Totally understood — that’s maddening. 7‑Zip saying “cannot open file as archive” simply means the combined BIN isn’t a plain ZIP/MSI container that 7‑Zip recognizes. There are two reliable, practical routes left — pick the one you prefer and I’ll guide you step‑by‑step.
Option A — Try automatic carving (recommended if you don’t want to touch hardware)

• Use binwalk (a Linux tool) to scan and extract embedded archives from combined.bin. This is robust and usually finds an embedded MSI/CAB/ZIP that 7‑Zip can’t spot.
• How to do it (Windows, using WSL Ubuntu — I list exact commands):

1) Install WSL & Ubuntu (one command in an elevated PowerShell if not already):
wsl --install
(reboot if it asks)
2) Open the Ubuntu shell (from Start → Ubuntu) and install tools:
sudo apt update
sudo apt install binwalk p7zip-full -y
3) Make combined.bin available in WSL (if it’s at C:\Temp\combined.bin it will be /mnt/c/Temp/combined.bin). In WSL run:
cd /mnt/c/Temp
binwalk -e combined.bin
4) If binwalk finds embedded files it will create a folder _combined.bin.extracted containing discovered files (MSI/CAB/etc). Then extract any MSI or CAB it finds:

example if MSI found​

7z x _combined.bin.extracted/<found>.msi -o_extractedMSI
5) Inspect the extracted folder for .inf/.sys files. If present, copy that folder to your USB and then we’ll inject it into the offline image (I’ll give DISM/reg/bcdboot commands).
If binwalk extracts nothing useful, tell me the binwalk output (paste it) and we’ll try the concatenation variants (prepend/append the “0” fragment) or move to Option B.
Option B — Most foolproof: run the Samsung installer on a machine that actually has the Samsung NVMe (or temporarily attach the 980 PRO to a working Windows PC)

• The installer will then unpack and install the correct driver files into Windows — you can then export the installed driver and use it on the offline image.
• Steps (short):
  1) Temporarily plug the 980 PRO into a working Windows PC (or use another PC that already has a Samsung NVMe).
  2) Run Samsung_NVM_Express_Driver_3.3.exe as admin — it should install normally.
  3) Export the installed driver to USB:
  Export-WindowsDriver -Online -Destination X:\ExportedDrivers
  4) On your rescue environment copy the driver folder from X:\ExportedDrivers to X:\SamsungNVMeDriver and inject with DISM:
  dism /Image:E:\ /Add-Driver /Driver:X:\SamsungNVMeDriver\ /Recurse
  (then set Start=0 on nvme/stor drivers, bcdboot, etc — I’ll paste exact commands when you’re ready)

Which do you want to try now?

• If you want Option A (binwalk) I’ll give the exact WSL commands again and wait while you run binwalk and paste the output.
• If you want Option B I’ll give the exact Export‑WindowsDriver / DISM / registry / bcdboot commands you’ll run once you’ve installed the driver on a machine with an NVMe.

If you prefer, I can also give the one‑line PowerShell to try concatenation variants (prepend 0 or append 0) and then the 7‑Zip extraction command — but binwalk is typically the faster, more reliable extraction tool for these weird SFX fragments.
Tell me which route and I’ll provide the next exact command(s).

@ChatGPT

I am ON the machine that the Samsung drive is installed onto. It is the drive I am booting off of. It is one of those type that is installed directly onto the motherboard, it is not practical to pull it out and move it to another Windows machine as a secondary drive to try getting it detected that way. It is THAT machine on which that the installer refuses to see it as a device to install to.

Is there some other way to extract out the contents of the bin other than the two you have mentioned?

Good — you’re on the machine and we can try carving/extracting embedded archives from combined.bin using a few forensic-style techniques. Below I give a small, safe checklist with exact commands you can run in an elevated Windows prompt (PowerShell or CMD). Try them in order; stop and paste any outputs/errors you see and I’ll interpret them.
Summary of approach

• Search the combined BIN for known embedded archive headers (PK.. for ZIP/CAB, D0 CF 11 E0 for MSI/Compound File, MZ for EXE/PE), carve the byte range starting at each header to a new file, and try to extract that carved file with 7‑Zip or lessmsi. Also use Sysinternals strings to find text hints (.inf, Samsung, nvme, stornvme, iaStor, etc..

Step A — create a working folder and copy combined.bin there
Open an elevated PowerShell and run (adjust path if needed):
mkdir C:\Temp\SamsungExtract -Force
Copy-Item 'C:\Path\To\combined.bin' -Destination C:\Temp\SamsungExtract\combined.bin
Step B — run strings to look for textual hints (fast, low memory)
Download Sysinternals Strings if you don’t have it: Strings - Sysinternals
Then run (from PowerShell or CMD; path to strings.exe may differ):
"C:\Path\To\strings.exe" -n 5 C:\Temp\SamsungExtract\combined.bin > C:\Temp\SamsungExtract\strings.txt

then search for likely keywords​

Select-String -Pattern "inf|nvme|stornvme|stornvme|iaStor|Samsung|Driver" -Path C:\Temp\SamsungExtract\strings.txt -CaseSensitive:$false
If you see lines with e.g. "stornvme", "nvme", "iaStor", ".inf", note them — they point to the embedded driver area and help confirm the right offsets.
Step C — scan for common archive headers (PowerShell)
This script finds offsets of PK (ZIP/CAB), OLE (MSI) and MZ (PE) signatures and prints them:
$fn = 'C:\Temp\SamsungExtract\combined.bin'
$bytes = [System.IO.File]::ReadAllBytes($fn)
function FindOffsets($pattern){
$pat = $pattern
$off = 0
while ($off -lt $bytes.Length) {
$i = [Array]::IndexOf($bytes,$pat[0],$off)
if ($i -lt 0) { break }
$match = $true
for ($j=1;$j -lt $pat.Length;$j++){ if ($bytes[$i+$j] -ne $pat[$j]){ $match=$false; break } }
if ($match) { $i ; $off = $i + 1 } else { $off = $i + 1 }
}
}
"Searching..."
"PK04 offsets (zip/cab):"
FindOffsets ([byte)
"D0CF11E0 offsets (OLE/MSI):"
FindOffsets ([byte)
"MZ offsets (PE):"
FindOffsets ([byte)
This will print offsets (decimal) where headers appear. Paste any offsets you get.
Step D — carve starting at an offset to a separate file and try extraction
Pick an offset from Step C (for example 123456). Now carve from that offset to the end and save to carved.bin:
$in = 'C:\Temp\SamsungExtract\combined.bin'
$out = 'C:\Temp\SamsungExtract\carved_offset123456.bin'
$offset = 123456
$fs = [IO.File]::OpenRead($in)
$fs.Position = $offset
$bw = [IO.File]::Create($out)
$fs.CopyTo($bw)
$bw.Close
$fs.Close
Write-Output "wrote $out"
Now try 7‑Zip to list/extract:
"C:\Program Files\7-Zip\7z.exe" l C:\Temp\SamsungExtract\carved_offset123456.bin
"C:\Program Files\7-Zip\7z.exe" x C:\Temp\SamsungExtract\carved_offset123456.bin -oC:\Temp\SamsungExtract\carved_extracted
If 7‑Zip extracts an MSI or files, extract further (if MSI: 7z x that MSI).
If 7‑Zip shows nothing, try the same carving but carve a region instead of to EOF: carve e.g. 50 MB chunk from offset:
$in = 'C:\Temp\SamsungExtract\combined.bin'
$out = 'C:\Temp\SamsungExtract\carved_chunk.bin'
$offset = 123456
$length = 50MB
$fs = [IO.File]::OpenRead($in)
$fs.Position = $offset
$buffer = New-Object byte[] $length
$read = $fs.Read($buffer,0,$length)
[IO.File]::WriteAllBytes($out, $buffer[0..($read-1)])
$fs.Close
Then try 7‑Zip on carved_chunk.bin.
Step E — try lessmsi on carved files if MSI suspected
If bin/7z reveals an .msi, use lessmsi to extract: lessmsi x carved.msi C:\Temp\SamsungExtract\msi_extracted
Step F — if carving finds nothing useful
Try binwalk (if you can install WSL). Binwalk automates signature detection and carving and is very likely to find an embedded MSI/CAB/ZIP:

• Install WSL (if not installed): in elevated PowerShell run wsl --install and reboot.
• In Ubuntu WSL: sudo apt update && sudo apt install binwalk p7zip-full -y
• Copy combined.bin to /mnt/c/Temp and run binwalk -e combined.bin
• Inspect _combined.bin.extracted.

Step G — last resort: attach drive or enable the Samsung installer to run by faking detection

• If the installer refuses to unpack on that host, you can often force-run it under ProcMon to see where it expects the device, but that’s advanced.
• If you can’t extract, best practical route is to temporarily connect the SSD to another PC or enable the installer to run by toggling firmware (unlikely). But carving usually works.

What to run now
1) Run the strings command I gave (Step B) and paste any interesting lines (.inf, Samsung, stornvme, nvme, iaStor).
2) Run the PowerShell header search (Step C) and paste the offsets it prints (PK and/or D0CF etc).
3) If you get offset(s), try the carve to EOF then run 7z list and paste the 7z output.
I’ll analyze outputs and give the next carve/extract to try. If you want, paste the exact path where combined.bin sits and I will give the exact one‑line PowerShell carve command tailored to that offset.

@ChatGPT

How do I run that as a script? I tried inserting it into a textfile named script.txt, renamed it to script.bat and tried invoking it, but it throws a bunch of errors of the sort:

'$fn' is not recognized as an internal or external command,
operable program or batch file.

You're trying to run a PowerShell script but saved it as a .bat — that’s why you got the “$fn not recognized” errors (those $vars are PowerShell syntax). Save/run it as a PowerShell script (.ps1) or run the commands directly from an elevated PowerShell prompt. Below are safe, copy/paste‑ready steps you can run now (I show both “save a .ps1 file and run it” and a one‑line approach).
Do this in an elevated PowerShell (right‑click PowerShell → Run as administrator).
1) Put combined.bin somewhere easy, e.g. C:\Temp\combined.bin. Create a work folder:
mkdir C:\Temp\SamsungExtract -Force
Copy combined.bin into C:\Temp\SamsungExtract\combined.bin if it isn’t already there.
2A — Save the header‑scan script as a .ps1 and run it

• Open Notepad, paste the script below, save as C:\Temp\SamsungExtract\find_headers.ps1

Script (copy exactly):
$fn = 'C:\Temp\SamsungExtract\combined.bin'
if (-not (Test-Path $fn) { Write-Error "File not found: $fn"; exit 1 }
$bytes = [System.IO.File]::ReadAllBytes($fn)
function FindOffsets([byte[]$pattern) {
$results = @
$i = 0
while ($i -lt $bytes.Length) {
$idx = [Array]::IndexOf($bytes, $pattern[0], $i)
if ($idx -lt 0) { break }
$match = $true
for ($j=1; $j -lt $pattern.Length; $j++) {
if ($idx + $j -ge $bytes.Length -or $bytes[$idx+$j] -ne $pattern[$j]) { $match = $false; break }
}
if ($match) { $results += $idx; $i = $idx + $pattern.Length } else { $i = $idx + 1 }
}
return $results
}
"Scanning file: $fn (size: $([math]::Round((Get-Item $fn).Length/1MB,3) MB)"
"Searching for common signatures..."
"PK04 (zip/cab) offsets:"
(FindOffsets ([byte) | ForEach-Object { $ }
"D0CF11E0 (OLE/MSI) offsets:"
(FindOffsets ([byte) | ForEach-Object { $ }
"MZ (PE/EXE) offsets:"
(FindOffsets ([byte) | ForEach-Object { $_ }

• Save and then run it in elevated PowerShell:
  Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
  C:\Temp\SamsungExtract\find_headers.ps1
• The script will print lists of offsets (decimal numbers). Copy/paste the output here.

2B — One‑line run (no file saved)
If you prefer, run this one PowerShell command (single line) that does the same scan (paste all on one line into elevated PowerShell):
$fn='C:\Temp\SamsungExtract\combined.bin'; if(-not (Test-Path $fn){Write-Error "not found";}else{ $b=[System.IO.File]::ReadAllBytes($fn); function F($p){$r=@;$i=0;while($i -lt $b.Length){$idx=[Array]::IndexOf($b,$p[0],$i);if($idx -lt 0){break};$m=$true;for($j=1;$j -lt $p.Length;$j++){if($idx+$j -ge $b.Length -or $b[$idx+$j] -ne $p[$j]){$m=$false;break}};if($m){$r+=$idx;$i=$idx+$p.Length}else{$i=$idx+1}};$r}; "PK04 offsets:"; (F ([byte)|%{$}; "D0CF11E0 offsets:"; (F ([byte)|%{$}; "MZ offsets:"; (F ([byte)|%{$_} }
3) If the script returns offsets — carve at one offset and try to extract
Pick a promising offset (prefer PK or D0CF11E0). Suppose it prints 123456. Run this to carve from that offset to EOF and try 7‑Zip:
PowerShell carve to a new file (adjust offset and paths):
$offset=123456
$in='C:\Temp\SamsungExtract\combined.bin'
$out='C:\Temp\SamsungExtract\carved.bin'
$fs=[IO.File]::OpenRead($in); $fs.Position=$offset; $bw=[IO.File]::Create($out); $fs.CopyTo($bw); $bw.Close; $fs.Close; "Wrote $out"
Then try to list/extract with 7‑Zip (CMD or PowerShell):
& 'C:\Program Files\7-Zip\7z.exe' l 'C:\Temp\SamsungExtract\carved.bin'
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\SamsungExtract\carved.bin' '-oC:\Temp\SamsungExtract\carved_extracted'
If 7‑Zip extracts an MSI or files, inspect carved_extracted for .inf/.sys. If found, copy that folder to your USB and we proceed to DISM injection.
4) If 7‑Zip finds nothing from that offset, try carving a chunk (50MB) starting at the offset (sometimes the archive has EOF markers that confuse tools):
PowerShell carve 50 MB chunk:
$offset=123456; $length=50MB; $in='C:\Temp\SamsungExtract\combined.bin'; $out='C:\Temp\SamsungExtract\carved_chunk.bin'; $fs=[IO.File]::OpenRead($in); $fs.Position=$offset; $buf=New-Object byte[] $length; $r=$fs.Read($buf,0,$length); [IO.File]::WriteAllBytes($out,$buf[0..($r-1)]); $fs.Close; "Wrote chunk $out"
Then try 7‑Zip on carved_chunk.bin as above.
5) If none of the offsets carved produce an archive, use binwalk in WSL (automated extractor). I can give step commands if you want to install WSL+binwalk.
6) If all extraction attempts fail, fallback: temporarily attach the 980 PRO to another Windows machine (or bootable USB that can see it) and run the installer there — it should install drivers that you then export with Export‑WindowsDriver. I realize you said it’s on the motherboard and you don’t want to remove it; if removal is impossible, try WSL/binwalk path first — it’s usually successful.
Next action for you right now

• Tell me whether you want to:
  A) Run the .ps1 script I provided (or the one‑line) now and paste the offsets output here, or
  B) Have me give the exact carve command for a specific offset you already saw, or
  C) I walk you through installing WSL and running binwalk.

If you choose A, run the .ps1 or one‑liner and paste what it prints (the PK04 / D0CF11E0 / MZ offsets). I’ll tell you which offset to carve and give the next exact extract command.

@ChatGPT

I copy-pasted exactly as above, named it as instructed, I get the following erroris:


At C:\Temp\SamsungExtract\find_headers.ps1:4 char:28
+ function FindOffsets([byte[]$pattern) {
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:21 char:19
+ (FindOffsets ([byte)) | ForEach-Object { $ }
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:23 char:19
+ (FindOffsets ([byte)) | ForEach-Object { $ }
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:25 char:19
+ (FindOffsets ([byte)) | ForEach-Object { $_ }
+ ~
Missing ] at end of attribute or type literal.
+ CategoryInfo : ParserError: ) [], ParseException
+ FullyQualifiedErrorId : EndSquareBracketExpectedAtEndOfAttribute

Thanks — the parser errors happened because the file was treated as a batch file or the script text got mangled. Below is a corrected PowerShell script you can save and run (exact copy). I also include a one‑line way to run it (no file save required), plus the carve + 7‑Zip extraction commands you’ll need after you receive offsets.
Do this in an elevated PowerShell (right‑click PowerShell → Run as administrator).
1) Save & run method (recommended)

• Create folder and save the script:

mkdir C:\Temp\SamsungExtract -Force

• Open Notepad, paste the exact script below, save as:
  C:\Temp\SamsungExtract\find_headers.ps1

Script to paste exactly:
$fn = 'C:\Temp\SamsungExtract\combined.bin'
if (-not (Test-Path $fn) { Write-Error "File not found: $fn"; exit 1 }
$bytes = [System.IO.File]::ReadAllBytes($fn)
function FindOffsets {
param([byte[]$pattern)
$results = @
$i = 0
while ($i -lt $bytes.Length) {
$idx = [Array]::IndexOf($bytes, $pattern[0], $i)
if ($idx -lt 0) { break }
$match = $true
for ($j=1; $j -lt $pattern.Length; $j++) {
if (($idx + $j) -ge $bytes.Length -or $bytes[$idx + $j] -ne $pattern[$j]) { $match = $false; break }
}
if ($match) { $results += $idx; $i = $idx + $pattern.Length } else { $i = $idx + 1 }
}
return $results
}
Write-Output "File: $fn"
Write-Output "Size (MB): $([math]::Round((Get-Item $fn).Length/1MB,3)"
Write-Output "---- PK04 (zip/cab) offsets ----"
(FindOffsets -pattern ([byte) | ForEach-Object { Write-Output $ }
Write-Output "---- D0CF11E0 (OLE/MSI) offsets ----"
(FindOffsets -pattern ([byte) | ForEach-Object { Write-Output $ }
Write-Output "---- MZ (PE/EXE) offsets ----"
(FindOffsets -pattern ([byte) | ForEach-Object { Write-Output $_ }

• Run it:

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
& 'C:\Temp\SamsungExtract\find_headers.ps1'
Paste the output here. The script will list offsets (decimal) for signatures it finds.
2) One‑line run (no file save)
If you prefer not to save a file, run this single long command in elevated PowerShell (it does the same):
$fn='C:\Temp\SamsungExtract\combined.bin'; if(-not (Test-Path $fn){Write-Error "not found";}else{$b=[System.IO.File]::ReadAllBytes($fn); function F($p){$r=@;$i=0;while($i -lt $b.Length){$idx=[Array]::IndexOf($b,$p[0],$i);if($idx -lt 0){break};$m=$true;for($j=1;$j -lt $p.Length;$j++){if($idx+$j -ge $b.Length -or $b[$idx+$j] -ne $p[$j]){$m=$false;break}};if($m){$r+=$idx;$i=$idx+$p.Length}else{$i=$idx+1}};$r}; "PK04 offsets:"; (F ([byte)|%{$}; "D0CF11E0 offsets:"; (F ([byte)|%{$}; "MZ offsets:"; (F ([byte)|%{$_} }
3) If the script returns offset(s)
Pick a promising offset (prefer PK04 or D0CF11E0). Suppose it prints 123456. Carve from that offset to a file and try to extract:
PowerShell carve to EOF (replace 123456 and paths as required):
$offset=123456
$in='C:\Temp\SamsungExtract\combined.bin'
$out='C:\Temp\SamsungExtract\carved.bin'
$fs=[IO.File]::OpenRead($in); $fs.Position=$offset; $bw=[IO.File]::Create($out); $fs.CopyTo($bw); $bw.Close; $fs.Close; "Wrote $out"
Try to list/extract with 7‑Zip:
& 'C:\Program Files\7-Zip\7z.exe' l 'C:\Temp\SamsungExtract\carved.bin'
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\SamsungExtract\carved.bin' '-oC:\Temp\SamsungExtract\carved_extracted'
If 7‑Zip extracts an MSI, run:
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\SamsungExtract\carved_extracted\whatever.msi' '-oC:\Temp\SamsungExtract\msi_extracted'
4) If 7‑Zip extracts .inf/.sys — copy that folder to your USB and then we inject with DISM (I’ll give those commands again when you have the files).
5) If the script finds no useful offsets or 7‑Zip extraction fails, next step is binwalk under WSL (automated while more likely to succeed). Tell me if you want WSL instructions.
If you want, paste:

• the full output of the PowerShell script (or the one‑line) — especially any offsets listed.
• then I’ll tell you which offset to carve and run extraction on.

I’ll wait for the script output (or tell me you want the WSL/binwalk path and I’ll provide the exact commands).

@ChatGPT

The one-line version is giving me the following error:


At line:1 char:440
+ ... idx+$p.Length}else{$i=$idx+1}};$r}; "PK04 offsets:"; (F ([byte))|%{$} ...
+ ~
Missing ] at end of attribute or type literal.
At line:1 char:479
+ ... 04 offsets:"; (F ([byte))|%{$}; "D0CF11E0 offsets:"; (F ([byte))|%{$} ...
+ ~
Missing ] at end of attribute or type literal.
At line:1 char:512
+ ... D0CF11E0 offsets:"; (F ([byte))|%{$}; "MZ offsets:"; (F ([byte))|%{$_ ...
+ ~
Missing ] at end of attribute or type literal.
+ CategoryInfo : ParserError: ) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : EndSquareBracketExpectedAtEndOfAttribute

Thanks — sorry the PowerShell route became a mess. At this point the fastest, least‑fragile way to find and extract whatever is embedded in your combined.bin is to use binwalk (it auto‑scans and extracts any embedded MSI/CAB/ZIP/PE). That avoids fragile hand‑rolled scripts and will very likely spit out the MSI or driver files for you.
If you’re OK installing WSL briefly, do this (exact commands). I’ll stay with you after each step — paste the output of binwalk when it finishes.
1) Install WSL + Ubuntu (one line; do this in an elevated PowerShell)

• Open PowerShell as Administrator and run:
  wsl --install -d ubuntu
• Reboot if prompted. After reboot, open the new “Ubuntu” app from Start and let it finish installing (create a UNIX username when prompted).

2) Install binwalk and 7zip inside WSL

• In the Ubuntu shell run:
  sudo apt update
  sudo apt install binwalk p7zip-full -y

3) Place combined.bin where WSL can see it

• If your combined.bin is at C:\Temp\combined.bin (adjust if different), in the Ubuntu shell:
  cd /mnt/c/Temp
  ls -l combined.bin

(If it’s in another folder, copy it into C:\Temp first or adjust the path.
4) Run binwalk to auto‑extract embedded files

• In the Ubuntu shell run:
  binwalk -e combined.bin
• This creates a folder named _combined.bin.extracted (or similar). After it finishes, list its contents:
  ls -l _combined.bin.extracted

Paste the binwalk output here (the terminal output and the names under _combined.bin.extracted). If binwalk finds an MSI or CAB, it will be in that folder.
5) If binwalk extracted an MSI/CAB, extract it with 7z (still in WSL)

• Example if it found installer.msi:
  7z x _combined.bin.extracted/installer.msi -o_extracted_msi
• Then list extracted files:
  ls -l _extracted_msi

You’re looking for a folder or files containing .inf and .sys. If you find them, copy that folder to a USB (or to C:\Temp\SamsungDriver) so you can inject into the offline Windows image with DISM. If you prefer, paste the path(s) here and I’ll give the exact DISM/registry/bcdboot commands.
If you cannot or won’t use WSL, the fallback is:

• Use Sysinternals strings to search for .inf or driver keywords inside combined.bin, or
• Carve manually at offsets (I can give exact carve commands for PowerShell), but those are more error‑prone.

Quick alternative (Windows, no WSL) — try strings first

• Download Sysinternals Strings, then run in an elevated CMD (adjust paths):
  "C:\path\to\strings.exe" -n 6 C:\Temp\combined.bin > C:\Temp\combined_strings.txt
  findstr /i "inf nvme stornvme iaStor samsung" C:\Temp\combined_strings.txt

If you get hits containing ".inf" or "Samsung" that shows the file contains driver text (good sign). If you find hits, paste a few lines and I’ll tell you the next carve offset to try.
Which do you want to do right now?

• I recommend WSL/binwalk (Option I outlined). If yes, run the WSL steps and paste binwalk’s output here. I’ll parse it and give the next exact extraction/injection steps.
• If you prefer the Windows strings approach, run the strings command and paste results.

I’ll wait for your choice/output and then give the next precise commands.

@ChatGPT

I go to launch Ubunto and I get:

Installing, this may take a few minutes...
WslRegisterDistribution failed with error: 0x80370102
Please enable the Virtual Machine Platform Windows feature and ensure virtualization is enabled in the BIOS.
For information please visit Troubleshooting Windows Subsystem for Linux
Press any key to continue...

Thanks — that WSL error is expected when Windows virtualization support isn’t enabled. You have two paths forward — (1) enable virtualization + WSL (so binwalk in WSL will work), or (2) keep working in plain Windows and run a small PowerShell carving script and try extraction with 7‑Zip. I’ll give exactly what to do for both and you can pick which you prefer.
A — Enable Virtualization and WSL (so you can run binwalk in WSL)
1) Enable CPU virtualization in BIOS (ASUS PRIME B550‑PLUS / AMD):

• Reboot and press Del to enter BIOS.
• Press F7 for Advanced Mode.
• Advanced → CPU Configuration → set “SVM Mode” = Enabled. (On Intel boards this is VT‑x/Intel Virtualization Technology; on AMD it’s SVM.
• Save & Exit.

2) Enable the Windows features (run in an elevated PowerShell):
Open PowerShell as Administrator and run:
dism.exe /online /enable-feature /featurename:VirtualMachinePlatform /all /norestart
dism.exe /online /enable-feature /featurename:WindowsSubsystemLinux /all /norestart
Then restart the PC.
3) Install WSL / Ubuntu (once restarted, in elevated PowerShell):
wsl --install -d ubuntu
(If prompted, reboot and then open Ubuntu from Start and let it finish.
4) In Ubuntu WSL:
sudo apt update
sudo apt install binwalk p7zip-full -y
Then run:
cd /mnt/c/Temp
binwalk -e combined.bin
and inspect the created _combined.bin.extracted folder. If binwalk extracts an MSI/CAB, use 7z to extract it and find .inf/.sys.
If you want to follow this route I’ll wait while you enable the BIOS setting and run the above PowerShell/WSL commands.
B — Don’t enable WSL; use a native Windows PowerShell carving script (no WSL)
If you prefer not to change BIOS/Windows features, try this simple PowerShell script to find common embedded signatures and then carve/extract. Save or run in an elevated PowerShell.
1) Prepare folder and combined.bin at C:\Temp\SamsungExtract\combined.bin.
2) Save this script as C:\Temp\SamsungExtract\find_headers.ps1 (exactly) and run it in an elevated PowerShell:
$fn = 'C:\Temp\SamsungExtract\combined.bin'
if (-not (Test-Path $fn) { Write-Error "File not found: $fn"; exit 1 }
$bytes = [System.IO.File]::ReadAllBytes($fn)
function FindSig {
param([byte[]$pat)
$res = @
for ($i=0; $i -le $bytes.Length - $pat.Length; $i++) {
$ok = $true
for ($j=0; $j -lt $pat.Length; $j++) {
if ($bytes[$i+$j] -ne $pat[$j]) { $ok = $false; break }
}
if ($ok) { $res += $i; $i += $pat.Length - 1 }
}
return $res
}
"File: $fn"
"Size MB: $([math]::Round((Get-Item $fn).Length/1MB,3)"
"PK04 (zip/cab) offsets:"
(FindSig -pat ([byte) | ForEach-Object { Write-Output $ }
"D0CF11E0 (OLE/MSI) offsets:"
(FindSig -pat ([byte) | ForEach-Object { Write-Output $ }
"MZ (PE) offsets:"
(FindSig -pat ([byte) | ForEach-Object { Write-Output $_ }
Run:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
& 'C:\Temp\SamsungExtract\find_headers.ps1'
3) If the script prints offsets (decimal numbers), pick one (prefer PK04 or D0CF11E0). Carve from that offset to a file and try to extract with 7‑Zip (run in elevated PowerShell):

replace 123456 with the offset you got​

$offset = 123456
$in = 'C:\Temp\SamsungExtract\combined.bin'
$out = 'C:\Temp\SamsungExtract\carved.bin'
$fs = [IO.File]::OpenRead($in); $fs.Position = $offset
$bw = [IO.File]::Create($out); $fs.CopyTo($bw); $bw.Close; $fs.Close

try 7z listing and extraction (adjust path to 7z.exe if needed)​

& 'C:\Program Files\7-Zip\7z.exe' l $out
& 'C:\Program Files\7-Zip\7z.exe' x $out "-oC:\Temp\SamsungExtract\carved_extracted"
If 7‑Zip extracts an MSI or INF/SYS files, copy that folder to USB and we’ll inject via DISM.
If that still yields nothing, binwalk/WSL is the more powerful automated next step.
Which do you want to do now?

• Enable virtualization & WSL and run binwalk (I’ll guide you through each command), or
• Run the Windows PowerShell header script above and paste the offsets it finds (I’ll give the exact carve command for the best offset).

Tell me which and I’ll provide the exact next copy/paste command.

@ChatGPT

When I make and run the new find_headers.ps1 script, I get the following errors:

At C:\Temp\SamsungExtract\find_headers.ps1:5 char:13
+ param([byte[]$pat)
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:19 char:20
+ (FindSig -pat ([byte)) | ForEach-Object { Write-Output $ }
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:21 char:20
+ (FindSig -pat ([byte)) | ForEach-Object { Write-Output $ }
+ ~
Missing ] at end of attribute or type literal.
At C:\Temp\SamsungExtract\find_headers.ps1:23 char:20
+ (FindSig -pat ([byte)) | ForEach-Object { Write-Output $_ }
+ ~
Missing ] at end of attribute or type literal.
+ CategoryInfo : ParserError: ) [], ParseException
+ FullyQualifiedErrorId : EndSquareBracketExpectedAtEndOfAttribute

Thanks — you were hitting PowerShell parse problems because earlier snippets got mangled. Let’s do this with a small, correct PowerShell script you can save & run (no fancy one‑liners). It will:

• read combined.bin as bytes
• search for common archive headers (PK04, OLE/MSI D0CF11E0, MZ) and print offsets
• let you pick an offset to carve from and try extracting with 7‑Zip

Step A — prepare

1. Create a work folder and put your combined.bin there (adjust paths if different):
   • Open an elevated PowerShell (right‑click → Run as administrator)
   • Run:
     mkdir C:\Temp\SamsungExtract -Force
     

     Put your combined.bin at C:\Temp\SamsungExtract\combined.bin​

Step B — save the scanner script

1. Open Notepad and paste exactly this script (no line breaks removed):

$fn = 'C:\Temp\SamsungExtract\combined.bin'
if (-not (Test-Path $fn) { Write-Error "File not found: $fn"; exit 1 }

Read file as bytes​

[byte[]$bytes = Get-Content -Path $fn -Encoding Byte
function FindOffsets([byte[]$pattern) {
$results = @
$pos = 0
while ($pos -lt $bytes.Length) {
$idx = [Array]::IndexOf($bytes, $pattern[0], $pos)
if ($idx -lt 0) { break }
$match = $true
for ($i = 1; $i -lt $pattern.Length; $i++) {
if ($idx + $i -ge $bytes.Length -or $bytes[$idx+$i] -ne $pattern[$i]) { $match = $false; break }
}
if ($match) { $results += $idx; $pos = $idx + $pattern.Length } else { $pos = $idx + 1 }
}
return $results
}
Write-Output "File: $fn"
Write-Output ("Size (MB): {0:N3}" -f ((Get-Item $fn).Length / 1MB)
Write-Output "---- PK04 (zip/cab) offsets ----"
(FindOffsets ([byte) | ForEach-Object { Write-Output $ }
Write-Output "---- D0CF11E0 (OLE/MSI) offsets ----"
(FindOffsets ([byte) | ForEach-Object { Write-Output $ }
Write-Output "---- MZ (PE/EXE) offsets ----"
(FindOffsets ([byte) | ForEach-Object { Write-Output $_ }

1. Save that file as:
   C:\Temp\SamsungExtract\find_headers.ps1

Step C — run the script
In the same elevated PowerShell run:
Set-ExecutionPolicy -Scope Process -ExecutionPolicy Bypass -Force
& 'C:\Temp\SamsungExtract\find_headers.ps1'
The script will print lists of decimal offsets for PK04, D0CF11E0, and MZ signatures (if any). Copy the offsets you see and paste them here.
Step D — carve from an offset and try extraction with 7‑Zip
Pick one offset (prefer PK04 or D0CF11E0). Replace 123456 in the commands below with the offset you saw.
1) Carve from that offset to end (PowerShell):
$offset = 123456
$in = 'C:\Temp\SamsungExtract\combined.bin'
$out = 'C:\Temp\SamsungExtract\carved.bin'
$fs = [System.IO.File]::OpenRead($in)
$fs.Position = $offset
$bw = [System.IO.File]::Create($out)
$fs.CopyTo($bw)
$bw.Close
$fs.Close
Write-Output "Wrote $out"
2) Try to list / extract with 7‑Zip (adjust path to 7z.exe if installed elsewhere):
& 'C:\Program Files\7-Zip\7z.exe' l 'C:\Temp\SamsungExtract\carved.bin'
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\SamsungExtract\carved.bin' '-oC:\Temp\SamsungExtract\carved_extracted' -y
3) If 7‑Zip produces an .msi or .cab inside carved_extracted, extract that MSI:
& 'C:\Program Files\7-Zip\7z.exe' x 'C:\Temp\SamsungExtract\carved_extracted\whatever.msi' '-oC:\Temp\SamsungExtract\msi_extracted' -y
Then look in the extracted folder for .inf/.sys files. If you find them, copy the entire folder to your USB and tell me the USB letter — I’ll give the exact DISM + registry + bcdboot commands to inject and repair the offline image.
If 7‑Zip cannot open carved.bin as an archive, do one of these next:

• try carving a chunk (50 MB) beginning at the offset (sometimes EOF markers confuse extractors). Example (change offset):

$offset = 123456
$length = 50MB
$in = 'C:\Temp\SamsungExtract\combined.bin'
$out = 'C:\Temp\SamsungExtract\carved_chunk.bin'
$fs = [System.IO.File]::OpenRead($in)
$fs.Position = $offset
$buf = New-Object byte[] $length
$read = $fs.Read($buf,0,$length)
[System.IO.File]::WriteAllBytes($out, $buf[0..($read-1)])
$fs.Close
& 'C:\Program Files\7-Zip\7z.exe' l $out
& 'C:\Program Files\7-Zip\7z.exe' x $out '-oC:\Temp\SamsungExtract\carved_chunk_extracted' -y

• or (if you can enable virtualization later) use WSL+binwalk (automated and usually finds MSI/CAB inside complex SFX). I gave WSL/binwalk steps earlier; enable virtualization in BIOS then I’ll walk binwalk.

If the script produced offsets, paste them here now and I’ll tell you which one to carve first and what to expect next.
Reference / context

• This is the same safe concat/carve → 7‑Zip extract workflow I recommended earlier (see earlier guidance).

If you want, paste the output from the find_headers.ps1 run and I’ll pick the best offset and give the exact carve + 7‑Zip commands to run.